Product Security Glossary

IoT Penetration Testing

What is IoT Penetration Testing? 

IoT penetration testing is the practice of trying to break into Internet of Things networks or devices in order to test their security. This is done only with the explicit permission of the owners of the networks or devices. IoT penetration testing is usually done with the aid of automated tools.

Why do we need IoT Penetration Testing? 

IoT penetration testing is a valuable tool for ensuring the security of IoT devices and networks.  If devices are configured incorrectly, or buggy software is running on the devices, it could allow malicious attackers to break into the system.  The attackers could then steal sensitive data, plant malware, or perform other kinds of mischief.  If the IoT device in question is part of an Industrial IoT, then safety is also a concern.  Attacks on an Industrial IoT could cause manufacturing delays, equipment damage, or even injury or death to personnel.  Medical devices can also be part of an IoT, and attacks on them could be deadly for people who use them. 

There are literally billions of IoT devices in use, which gives attackers a very large attack surface. 

Is IoT Penetration Testing different from normal Penetration Testing? 

IoT penetration testing and normal penetration testing are similar in some ways, but different in others.  In either case, testers would use mostly the same penetration testing tools, and would use a lot of the same penetration testing techniques. 

One major difference is that with normal penetration testing, there will be more emphasis on social engineering. For example, with normal penetration testing, computer users might receive an email with a link to something malicious. If they click on the link, they fail the test. With IoT penetration testing, there is normally less of a user interface that lends itself to social engineering attacks. So, more emphasis will be given to the physical network and devices, and less to users.

With IoT penetration testing, you’re dealing with a wider variety of devices, with a wider variety of communications protocols, including several types of wireless protocols. This means that malicious attackers have a wider variety of devices that they can try to compromise, and possibly more ways to gain entry. It also means that a penetration tester would need to have a good working knowledge of these various device types and their protocols. Also, a normal LAN is likely to be more self-contained than an IoT network. With an IoT network, you’re more likely to be dealing with cloud-based gateways, and with devices that can communicate directly with each other.

What will happen after IoT Penetration Testing? 

The point of IoT penetration testing is to find out if it’s possible for someone to break into your devices or systems. After the penetration test is complete, the testing personnel will write a report about their findings, and share it with the management and security personnel of the target organization. A good report will also include recommendations on how to mitigate the risks that were found. The organization should then review the report and consider its recommendations.